Hi, I would like to know if there is a way to append a reference list without getting the content of the list before? I look at https://cloud.google.com/chronicle/docs/reference/re...
What is the correct log type OR ingestion label to use in the Chronicle forwarder configuration for the following logs? Cloudflare Network Analytics Logs, Zscaler Internet Access Web Logs
I am reaching out in relation to the following metrics post: https://www.googlecloudcommunity.com/gc/Community-Blog/New-to-Google-SecOps-Using-Metrics-in-YARA-L-Rules-Part-2/ba-p/726336 I am a litt...
Hi All, I am very much looking forward to learning more about parsers, but we do not understand how to develop the parser. Could you please guide us for the parser fundamentals of how to write a parser...
Hey all, I am trying to connect our Chrome browser with Chronicle using the native workspace connector and Chronicle ingestion API. For some reason, I am not able to get the API key to work with the...
We are getting the below error while accessing the Chronicle console. Any idea why this error is coming? SSO login was successful, but web_app_enabled is false.
I have a situation where I need to advise some clients and users that the default `Unix System` parser will parse N event types from the Unix System log source. This leads me down a path of in...
Hi Community, Did anyone try to ingest completely custom log data to Chronicle SIEM? I mean log data which does not fall under any log sources (JSON, KV, etc.) and does not fall under any log typ...
Hi guys, I am creating a YARA rule to find the lateral movement of the users. But I am stuck at assigning risk score dynamically (according to the country from user logged in). Could you guys plea...
Is there a list of out-of-box Chronicle rules available somewhere to review? Similar to what SCC Premium provides here: https://cloud.google.com/security-command-center/docs/how-to-use-event-threat-d...